echo off

REM ** Set up the Certificates
set ROOT_NAME=www.jf_root.com
set RP_NAME=www.jf_rp.com
set STS_NAME=neptune
set CLIENT_NAME=www.jf_client.com

echo ************
echo Removing any certificates that are already installed
echo ************

certmgr -del -r LocalMachine -s Root -c -n %ROOT_NAME%
certmgr -del -r LocalMachine -s My -c -n %RP_NAME%
certmgr -del -r LocalMachine -s My -c -n %STS_NAME%
certmgr -del -r LocalMachine -s My -c -n %CLIENT_NAME%

echo ************
echo Root cert setup starting
echo Making %ROOT_NAME% cert
makecert -pe -n CN=%ROOT_NAME% -ss Root -sr LocalMachine -a sha1 -sky signature -r "RootAuthority.cer"
echo ************
echo RelyingParty cert setup starting
echo Making %RP_NAME% cert
makecert.exe -sr LocalMachine -ss My -a sha1 -n CN=%RP_NAME% -sky exchange -pe -is Root -ir LocalMachine -in %ROOT_NAME%
echo ************
echo STS cert setup starting
echo Making %STS_NAME% cert
makecert.exe -sr LocalMachine -ss My -a sha1 -n CN=%STS_NAME% -sky exchange -pe -is Root -ir LocalMachine -in %ROOT_NAME%
echo ************
echo client cert setup starting
echo Making %CLIENT_NAME% cert
makecert.exe -sr LocalMachine -ss My -a sha1 -n CN=%CLIENT_NAME% -sky exchange -pe -is Root -ir LocalMachine -in %ROOT_NAME%
echo ************

echo IIS cert access starting
winhttpcertcfg -g -c LOCAL_MACHINE\My -s %RP_NAME% -a "NetworkService"
winhttpcertcfg -g -c LOCAL_MACHINE\My -s %RP_NAME% -a "ASPNET"
winhttpcertcfg -g -c LOCAL_MACHINE\My -s %STS_NAME% -a "NetworkService"
winhttpcertcfg -g -c LOCAL_MACHINE\My -s %STS_NAME% -a "ASPNET"
echo ************
